Vulnerabilities > Mysql > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-08-30 | CVE-2006-4305 | Remote Buffer Overflow vulnerability in SAP-DB/MaxDB WebDBM Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client. | 10.0 |
2005-04-26 | CVE-2005-1274 | Remote Security vulnerability in MaxDB Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter. | 10.0 |
2005-04-25 | CVE-2005-0684 | Remote Buffer Overflow vulnerability in MySQL MaxDB HTTP GET Request Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. | 10.0 |
2005-01-10 | CVE-2004-1168 | Remote Security vulnerability in MaxDB Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to execute arbitrary code via a long Overwrite header. | 10.0 |
2004-12-06 | CVE-2004-0628 | Denial Of Service vulnerability in Mysql 4.1.0 Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string. | 10.0 |
2004-12-06 | CVE-2004-0627 | Unspecified vulnerability in Mysql 4.1.0 The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string. | 10.0 |
2003-09-22 | CVE-2003-0780 | Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. | 9.0 |